XP security tab - group or user names odd entry

  • Thread starter Thread starter gavin
  • Start date Start date
G

gavin

hello!

I noticed after deleting a user from XP pro that I had an odd entry
left in the security tab for certain files. It was a string of digits
along the lines of: s2324-34343-45454 etc. (cant recall exact example).

I assume this is some reference to the deleted users access rights but
why does this not get deleted too when the user is removed?

I also noticed on a slow Terminal services that ALL entries (even for
existing users/groups) were shown as these numbers very briefly before
the screen repainted...

Can anyone explain?

cheers :-)
 
Howdy.

Partly anyway - can't tell you why the rights are not removed with the user,
but you're right in that the string of numbers represents a user - or more
accurately, the Security ID associated with that user I believe. In
reality, those numbers are always there, you're just noticing it on the slow
connection - when you've got a good connection to your DC's, the
name-to-number resolution happens pretty fast...

HTH
J
 
Jeff said:
Howdy.

Partly anyway - can't tell you why the rights are not removed with the user,
but you're right in that the string of numbers represents a user - or more
accurately, the Security ID associated with that user I believe. In
reality, those numbers are always there, you're just noticing it on the slow
connection - when you've got a good connection to your DC's, the
name-to-number resolution happens pretty fast...

HTH
J
Click to expand...

I can't say for sure, but I would guess that the SID string is saved to
ensure that it isn't reissued.

--
The reader should exercise normal caution and backup the Registry and
data files regularly, and especially before making any changes to their
PC, as well as performing regular virus and spyware scans. I am not
liable for problems or mishaps that occur from the reader using advice
posted here. No warranty, express or implied, is given with the posting
of this message.
 
hello!

I noticed after deleting a user from XP pro that I had an odd entry
left in the security tab for certain files. It was a string of digits
along the lines of: s2324-34343-45454 etc. (cant recall exact example).

I assume this is some reference to the deleted users access rights but
why does this not get deleted too when the user is removed?

I also noticed on a slow Terminal services that ALL entries (even for
existing users/groups) were shown as these numbers very briefly before
the screen repainted...

Can anyone explain?

cheers :-)
Click to expand...

It would be pretty slow for the machine to go through all the drives on the
system each time you get rid of a user account. How about it a big
domain--- each time a user or group gets deleted, it would need to search
all the servers and workstations and remove all references to that user or
group.

(This is one reason why the best practice is to assign access based on
groups and not to individual user accounts. Groups are less likely to
change as frequently as user accounts.)
 
Back
Top